
Irrespective of the OS in your cellphone, your device can be Cyb-Attacked.


Is Apple Safe?
The myth has always been that Apple devices are insusceptible to malware;
the reality, however, is that they are just as vulnerable as Windows and Android
phones. Apple, which once remained a relatively safe platform when compared to
Android and Windows, has seen a boom in malware targeting its operating
systems since January 2014.
According to Symantec's findings, besides Mac OS X and the newer iOS,
systems like Apple Pay are making Apple devices a key target of malware. 2016
could see more attacks on the iOS platform, it states. According to IDC, Apple
now accounts for 13.5 per cent of global smartphone shipments and 7.5 per cent
of global PC shipments. "This increase in usage has not gone unnoticed by
attackers. A rising number of threat actors have begun developing specific
malware designed to infect devices running Mac OS X or iOS," Symantec Director
Solutions Product Management (Asia Pacific and Japan) Tarun Kaura told PTI.

Same story with Android and Windows.

Another study by Trend Micro shows, without surprise, that 95% of Android
devices were affected by Stagefright in Q3 of this year. Stagefright, which allows
attackers to install malware on affected devices by distributing malicious
Multimedia Messaging Service (MMS) messages, reportedly put nine out of 10 at
risk. Another critical Mediaserver vulnerability, which could cause devices to
endlessly reboot and allow attackers to remotely run arbitrary code, was also
found.

Loopholes
In response to the recent spate of Android vulnerability discoveries, Google
announced regular security updates for the platform. Security patches may not be
able to make their way to all devices without the support of manufacturers and carriers,
rendering them vulnerable to exploitation.
"Apple's increasing phone market share is tempting attackers to exert more effort to
exploit iOS apps. We're bound to see more Ghost-like threats in the future. Attackers
may also opt to abuse certificates and APIs to distribute iOS malware," said Ju
Zhu, Mobile Threat Researcher.

Changes in modus-operandi of the attackers!

Research reports show that cybercriminals have gone from targeted attacks to
traditional mass infection techniques such as spam, botnets, and exploit kits. While
bigger and better-secured organizations may experience breaches of their own if ever
attackers successfully manage to leech off data from their smaller, less-secure
partners, consumers may also find their personal information at risk if companies
continue to get breached due to this lateral progression of attacks.

Solutions!

Apple needs to constantly tighten its app-posting policies.


Enterprises must adjust their incident response plans to manage the advent of
secondary stages of attack.
Regular security updates for the platform.

Ethical Phishing by PwC to get your organization a step forward to safety!
Something's Phishy!
Phishing attacks could either be in the form of an email from a trusted source
asking for personal information such as passwords, bank details, personal
details, or it could mimic an existing website or webpage and trick a user into
entering confidential information on the page.
India is amongst the most frequently targeted countries for phishing attacks.
According to recent reports by leading security vendors, it figures amongst top
10 targets for such attacks globally.

PwC Phishing for safety!


In order to let organizations assess their employees' understanding of cyber risks
in real time, consultancy PwC India has developed a phishing diagnostic software
that will be delivered through cloud and be able to provide an accurate estimate
of how serious employees are about social engineering attacks.
Organisations regularly conduct training programmes to test whether employees
understand the risks associated with phishing.
"There was no measurement to tell how effective training programmes to build
awareness for phishing are. So we ended up creating a platform on the cloud
through which we can send a phishing mail to company employees and play it
back, the user activity and report what mistakes they are doing," said Krishnan.

PhishPro at your company's rescue!
PhishPro, the software developed by PwC, can send phishing emails
and assess the exact mistakes employees make, from opening and
backing up emails to clicking on harmful links contained within
those emails. It can also help test already installed technical
controls at the client side by sending malware, that is, harmful software
meant to damage a computer system.
The software was developed by about 12 people at the India team
of PwC at a total cost of Rs 1.8 crore, over about four months. The
consultancy piloted the project with an Indian bank, and has also
tested the software with three of its US-based clients operating out
of India.
The software will be offered to PwC clients as a service, and not as
a product, unlike how most original equipment manufacturers sell
similar software.
The charges will begin as low as Rs 5-10 for basic assessment and
go higher based on the level of information the company wants and
what kind of awareness campaign they want to run.

The Next-Gen IT Organizations should be Multi-Thread and not Bi-Modal.
The Bi-Modal Concept!
It works on the principle wherein, one part of the IT organization operates
traditionally while the other part performs in the new agile mode of digital
transformation.
The Bi-Modal IT concept has been around for nearly two years, having first been
proposed by Gartner as a prescriptive organization model for enterprise IT.

Multi-Thread Concept!
The new-style skills and capabilities of agility, responsiveness, collaboration,
innovation, customer engagement and digital fluency must weave through all of
IT.
That way, those threads can be pulled into any of IT's endeavors, with
minimum ramp-up.
This is what the new-age multi-thread concept is!
Agile, collaborative, digitally innovative and customer-engaged governance,
development and implementation methods are the new backbone of IT
organizations.

Why Not Bi-Modal?
Bi-Modal:
A rise in bimodal chatter over the past spring and summer led us to poll 20 CIO
Executive Council members about it, and 75 percent responded that they viewed
the concept of bimodal IT very favorably.

Multi-Thread:
Bimodal is a refuge, a temporary relief, and a false hope for the leaders of IT orgs
that are failing to reinvent themselves as future-ready innovators and
transformers. There is no long-term reason to preserve and cling to the old ways.
In fact, doing so will be deadly for many CIOs.
The capabilities of agility, responsiveness, collaboration, innovation, customer
engagement and digital fluency must weave through all of IT and not be isolated
to some compartmentalized digital innovation team.
Is there a long-term future for IT staff who don't interact with business peers or
end customers? Who just manage projects with a service provider approach and
with little knowledge of the business goals their actions are presumably tied to?
Maybe, at some IT vendor's code factory. But not at a business that must
transform to keep pace with customer expectations, that is, your business and
mine.

People Power to the rescue of the elderly!

Elderly Situation:
The United States senior population is growing quickly, and so is the need to
manage their care.
Most seniors want to remain at home rather than spend their final days in a
nursing home, which presents the seniors and those who care for them a thorny
problem.

What's on offer by People Power!


Software developer People Power thinks it has a solution based on its DIY home-security system.
The company thinks that with some minor modifications, its Presence app,
which supports a variety of sensors and can convert any Android or iOS device
with a camera into a home security camera, can be put to use for in-home elder
care.

Presence Pro:
People Power is calling the service Presence Pro Care, and has launched an
Indiegogo campaign to support its efforts. The key features are listed below:
In addition to the preexisting features ported from its security service, Presence
Pro Care will track medications and monitor a person's daily activities. The data
is then analyzed, and caregivers are notified if the service notices any
aberrations in the person's daily routine.
Another key feature of the service is fall detection. Falls are considered
one of the biggest dangers for seniors living alone, and are often a
reason many are kept from doing so.
Presence Pro Care still offers the same functionality that services like Life Alert
do, including the alert button pendant that most people are already familiar with.
From there the service is significantly different, as it not only calls emergency
responders, but also alerts a predetermined group of caregivers to incidents as
well.
Pricing: Currently the service is expected to retail for anywhere from $149 to $699,
depending on the features purchased, when it starts shipping in mid-2016. A $15-per-month service charge will also apply.

Encryption backed by Tech Giants.


Governments Say!
Many politicians criticised the data-scrambling systems that tech firms are
increasingly applying to hardware and services.
They have called for encryption to be weakened in order to help police and
intelligence services catch criminals or thwart potential terror attacks. Others want
backdoors included in encryption software that would give law enforcement access
to data that is otherwise locked away.

ITICs:
The Information Technology Industry Council (ITIC) is a global lobby and policy group
that communicates the views of tech firms to politicians and legislative bodies.
Google, Microsoft, Facebook, Samsung and many other computer industry firms are
all ITIC members.

ITIC's Statement
But, said the ITIC, weakening encryption in a bid to help the "good guys" was a
mistake. Doing so "would actually create vulnerabilities to be exploited by the bad
guys", it warned. Such a move "would almost certainly cause serious physical and
financial harm across our society and our economy. Weakening security with the aim
of advancing security simply does not make sense," said the ITIC.

INDIA INKS 11 PRICING AGREEMENTS WITH MNCS FROM IT AND ITES SECTORS
Advance Pricing Agreement!
An Advance Pricing Agreement, or APA, is essentially a negotiated deal between
a taxpayer and the tax authorities that sets out beforehand the method for
determining the transfer pricing pertaining to transactions between a subsidiary
and its foreign parent.
This relates to the pricing of assets, tangible and intangible, services, and funds
that are transferred within an organisation in a cross-border transaction.
The APA regime, rolled out in 2013-14 in the country, has elicited a very good
response from the industry.
India has so far signed 31 APAs, including this set of APAs.

India signs 11 Pricing Agreements with MNCs
India has inked 11 advance pricing agreements with multinational companies
from sectors such as IT and ITES, investment advisory and services.
"The effort of the APA authorities is impressive. A lot of hard work has gone into
analysing these cases and getting them to a closure," said Vijay Iyer, Partner &
National Leader for Transfer Pricing, EY.
"Considering the time since its inception, this has been remarkable and frankly
quite affirmative for the Indian business houses.
This has strengthened the confidence in the Indian revenue authorities and we
could see many more MNCs opt for the APA route in order to attain certainty and
avoid protractive litigations.
This could also boost the number of companies opting for rollback of APAs in
coming years," said Rakesh Nangia, Managing Partner, Nangia & Co.

HALF OF ALL BUSINESSES WILL UPGRADE TO WINDOWS 10 BY NEXT YEAR
Windows 10 vis-à-vis Windows 7:
Windows 10 adoption will be much faster for businesses than it was for Windows
7, though it doesn't make a tangible prediction.
The research company cites several factors compelling organizations to make
the upgrade, including:
the end of support for Windows 7 in 2020,
Windows 10's compatibility with Windows 7 applications and devices,
and a desire for organizations to move end-users from desktops and laptops to 2-in-1
devices.

If your organization is still using Windows 7, it might be time to make the move
to Windows 10.
New Gartner research data suggests 50% of all businesses will be making the
shift to Windows 10 by the start of 2017.

Why go enterprise?
Windows 10 Enterprise gives IT departments the freedom to delay
software patches, security fixes and latest OS features.
Consumer versions of the software do not offer this option.

Businesses that download the software updates at their own pace
will have greater compatibility with existing applications and use
cases without requiring massive overhauls or implementations of
third-party apps.

DIGITAL ASSISTANTS' PERSONALITIES HAVE TECH COMPANIES DIVIDED
Difference in Digi-Assistants' behaviors!!

When users ask Siri, Apple's digital assistant, what she likes to drink, she says, "I have a thirst
for knowledge."

Her counterpart at Microsoft, Cortana, opts for a very, very dry martini.

But M, the digital assistant Facebook is testing, deflects the question. "I don't have an opinion
about that. What's your favorite drink?"

As the tech giants race to build better artificial intelligence platforms, they are obsessing over
the nuances of their digital assistants' personalities.

For users, digital assistants are a gateway to powerful artificial intelligence tools developers
expect to influence major decisions about what to buy and how to spend time.

The more tech companies can get users to rely on their digital assistants, the more valuable
data they will accumulate about the spending habits, interests and preferences of users.

The information could be fodder for lucrative digital advertising or a lever for companies to
keep users locked into their ecosystems.

Why the split in Tech Companies?
But firms are split on the best way to forge deep connections with users.
Siri and Cortana are waging charm offensives, both quick to crack a joke or tell a
story. Their elaborate personas are meant to keep users coming back.
While catchy one-liners generate buzz, a digital assistant with personality risks
alienating users or, the companies say, misleading them about the software's
true purpose: carrying out simple tasks.
For tech companies, the stakes are high, said Matt McIlwain, managing director
of Madrona Venture Group, since digital assistants can guide users to their own
products and those of their advertisers and partners and away from those of
competitors.

CYBER SECURITY: IDENTIFYING THREATS AND FORTIFYING NETWORKS IN DEVELOPING COUNTRIES
Threat of Attacks:
Threat of attacks on the cyberspace cannot be fathomed without accepting the fact
that the internet, by definition, is an entity without any borders. What this implies is
that cyberspace of a particular country or region cannot be excluded from the global
network, which affects the latter and vice-versa.

Cyber attacks against developing countries


Speaking of threats, Indian cyberspace, which recently saw cyber breaches surge by
a record 117%, did not enjoy a safe season in 2013-2014, when attacks peaked.
That time period saw a 136% increase in cyber offenses against Government of India
organizations and a 126% rise in offensives against financial institutions.
According to a Norton report, offensive cyber acts such as spear-phishing and
ransomware cost Indian people and companies around $4 billion.

The BRICS solution
Following such cyber threats, Brazil, as part of the BRICS collective, is trying to
bypass US-based web services.
Like most other Latin American nations, Brazil routes its internet traffic through
Miami-based Network Access Point. This makes it very difficult for the country to
keep its digital information safe from American agencies.
The solution in this case is the BRICS cable, a 34,000 km long
telecommunications cable connecting access points in Brazil, South Africa, India,
China and ending in Russia.
Not only will this bolster the internet security of developing nations like India,
Brazil, South Africa and China, but it will also save them the huge costs of using
hubs based in Europe and US.
All of these point to one fact - cyber warfare is here to stay.
The global concerns related to cyber security, especially from the point of view
of developing countries, need to be addressed immediately.
Countries like India and China can also greatly benefit when these concerns are
addressed, as the solutions will definitely involve technical expertise and tools,
something which these countries have in abundance.

A SECOND MAJOR SECURITY VULNERABILITY IN DELL COMPUTERS
A second major security vulnerability has been found in Dell computers that
leaves customers highly vulnerable to hackers, according to LaptopMag.
The new issue is caused by Dell System Detect, a tool provided by Dell to
help provide customer support, the company told Business Insider.
It means that attackers can stage a man-in-the-middle attack, impersonating websites to trick users into giving up their passwords,
banking details, and other sensitive data.
It stems from a security certificate that is included in Dell System
Detect.
The certificate includes its "private keys", which hackers could use to pretend to be a
website without triggering web browser alarms designed to spot this kind of
fraud.

This is the second such issue discovered in Dell computers just this week: An earlier security
certificate "intended to make it faster and easier for customers to service our systems" also left
customers vulnerable.
Dell has since released an app that will delete the compromising certificate, and also published
instructions on how to do it manually.
The vulnerability doesn't just put customers' data at risk of theft - it could apparently also be used
to install malware on their devices.
"An attacker can impersonate web sites and other services, sign software and email messages,
and decrypt network traffic and other data," says a vulnerability report about the issue.
The first issue appears to have affected computers sold by Dell from August 2015 onwards. The
company is now planning to release a software fix to "address the issue."
In a statement, Dell said: "When we became aware of [earlier vulnerability] eDellRoot earlier this
week, we immediately dug into all our applications that get loaded on Dell PCs. We can confirm we
have found no other root certificates on the factory installed PC image. What we did find was that
the Dell System Detect application and its DSDTestProvider root certificate had similar
characteristics to eDellRoot."
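
A way to check a Windows machine for the condition described above, as an added example that is not from Dell or the original article: it lists trusted root certificates whose subject contains either name quoted in Dell's statement, and also any trusted root whose private key is present on the machine. Matching on the Subject field is an assumption about how the certificates are labelled.

```powershell
# Added example (not Dell's tooling). Read-only audit of the trusted root stores.
# The two names come from Dell's statement quoted above; matching them against
# the certificate Subject is an assumption.
$namesFromArticle = 'eDellRoot', 'DSDTestProvider'
$rootStores       = 'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root'

$findings = foreach ($store in $rootStores) {
    Get-ChildItem -Path $store | ForEach-Object {
        $cert    = $_
        $nameHit = $namesFromArticle | Where-Object { $cert.Subject -like "*$_*" }

        # A trusted root that carries its private key on the endpoint lets anyone
        # who extracts that key issue certificates the machine will accept.
        # Some local tools legitimately install such roots, so review each hit.
        if ($nameHit -or $cert.HasPrivateKey) {
            [pscustomobject]@{
                Store         = $store
                Subject       = $cert.Subject
                Thumbprint    = $cert.Thumbprint
                NotAfter      = $cert.NotAfter
                HasPrivateKey = $cert.HasPrivateKey
                Reason        = $(if ($nameHit) { "subject matches $($nameHit -join ', ')" }
                                  else { 'trusted root with private key present' })
            }
        }
    }
}

if ($findings) {
    $findings | Format-List
} else {
    'No trusted root matched the names above or carried a private key.'
}
```

The script changes nothing; removal is covered by the app and manual instructions Dell published.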
